News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Heads up! Many “optional non-security” updates are on the way

    Home Forums AskWoody blog Heads up! Many “optional non-security” updates are on the way

    This topic contains 23 replies, has 13 voices, and was last updated by  ChrisAVWood 2 months, 2 weeks ago.

    • Author
      Posts
    • #1963380 Reply

      woody
      Da Boss

      These aren’t the wimpy download-only IE patches from yesterday. They’re the whole nine yards. Details coming.
      [See the full post at: Heads up! Many “optional non-security” updates are on the way]

    • #1963383 Reply

      EP
      AskWoody_MVP

      unlike the catalog only download patches released Mon 9/23, these new ones on 9/24 are available thru both Windows Update and MS Update Catalog. and new preview rollups for win7 (kb4516048) & win8.1 (kb4516041) are available as well on both MUC & WU.

      1 user thanked author for this post.
    • #1963398 Reply

      woody
      Da Boss

      Can anybody verify for me if the Monthly Rollup Previews include the CVE-2019-1367 Internet Explorer fix?

      • #1963402 Reply

        geekdom
        AskWoody Plus

        https://support.microsoft.com/en-us/help/4516048/windows-7-update-kb4516048

        The above documentation indicates no Internet Explorer fix.

        Group G{ot backup} TestBeta On hiatus.
        Win7Pro · x64 · SP1 · i3-3220 · RAM 8GB · Firefox: uBlock Origin - NoScript · HDD · Canon Printer · Microsoft Security Essentials · Windows: Backup - System Image - Rescue Disk - Firewall
        1 user thanked author for this post.
      • #1963403 Reply

        EP
        AskWoody_MVP

        I’ve checked the contents of the KB4516048 and KB4516041 cab files and the updated IE files (v11.0.9600.19467) are there. so the recent IE fixes are included in the preview rollups. it’s just that MS has not documented (or perhaps admitted) about that

        if you need a 2nd opinion, ask abbodi86

        • This reply was modified 2 months, 2 weeks ago by  EP.
        3 users thanked author for this post.
    • #1963400 Reply

      woody
      Da Boss

      … and while we’re at it, can anybody explain to me why an “optional non-security” Win10 patch plugs a security hole?

    • #1963401 Reply

      Tex265
      AskWoody Plus

      OK so as respects Windows 10 ver 1803, I have KB4515058 the Sept CU, KB4522014 the replacement Sept CU to fix the IE problem, and now KB4516045 the latest Sept CU to fix all the previous plus more issues.

      Susan more or less says we all need the IE fix whether IE is used or not.  So when is Woody going to make the Defcon call, and at this point probably needing a MS Catalog download if want to wait on the last CU fix KB4516045.

      Also the Sept CU needed a Service Stack update which would automatically install with the original KB4516058.  Will it automatically install with any of the 3 above Sept KB’s?

      If a MS Catalog download is now necessary, does the Service Stack now need to also be manually downloaded and installed first?

      Windows 10 Pro x64 v1903 and Windows 7 Pro SP1 x64
      • #1963405 Reply

        EP
        AskWoody_MVP

        @tex265: the KB4516045 update is available thru both windows update & MS Update catalog (cuz MS said so in their support article, unlike KB4522014 which was available thru the catalog site only):
        https://support.microsoft.com/help/4516045/

        simply check later or the next day for KB4516045 to become available thru WU

        • This reply was modified 2 months, 2 weeks ago by  EP.
        1 user thanked author for this post.
        • #1963478 Reply

          Tex265
          AskWoody Plus

          KB4516045 seems more like and Optional Preview.
          So if I want the Sept CU and the IE fix, it is the KB4522014 via the Catalog, and per PKCano below a manual install of the latest Service Stack first.

          OR if still possible install the original Sept CU KB4516058 (which will also install the Service Stack) then KB4522014. However KB4516045 may have now superceded KB4516058 as the available WUpdater?

          Are there any problems reported with KB4516058 to worry about?

          Windows 10 Pro x64 v1903 and Windows 7 Pro SP1 x64
      • #1963408 Reply

        PKCano
        Da Boss

        Servicing Stacks do not install automatically with manual CU installe. They are only automaic with updates through Windows Update. If you manually install you will also have to install the SSU FIRST.

        3 users thanked author for this post.
      • #1963411 Reply

        woody
        Da Boss

        I’m just starting to see unconfirmed reports that CVE-2019-1367 is being used by the government-affiliated DarkHotel group. I don’t see any indication that the problem is widespread.

        There’s no need for “normal” users to patch yet. That’s why the patch hasn’t been distributed widely.

    • #1963406 Reply

      ChrisAVWood
      AskWoody Plus

      It came out as optional as it required a reboot. The Sep 24 seeking version wasn’t mentioned.

      • #1963409 Reply

        geekdom
        AskWoody Plus

        It came out as optional as it required a reboot. The Sep 24 seeking version wasn’t mentioned.

        Which patch are you referring to?

        Group G{ot backup} TestBeta On hiatus.
        Win7Pro · x64 · SP1 · i3-3220 · RAM 8GB · Firefox: uBlock Origin - NoScript · HDD · Canon Printer · Microsoft Security Essentials · Windows: Backup - System Image - Rescue Disk - Firewall
    • #1963413 Reply

      ChrisAVWood
      AskWoody Plus

      The info I got from Microsoft was talking about the IE only fix. Available in the catalogue yesterday followed by WU and WSUS today. There was no mention of todays versions that include other optional fixes.

      • #1963443 Reply

        geekdom
        AskWoody Plus

        There may be a mismatch between Microsoft documentation and patch contents. Read here:
        #1963403

        Group G{ot backup} TestBeta On hiatus.
        Win7Pro · x64 · SP1 · i3-3220 · RAM 8GB · Firefox: uBlock Origin - NoScript · HDD · Canon Printer · Microsoft Security Essentials · Windows: Backup - System Image - Rescue Disk - Firewall
        • This reply was modified 2 months, 2 weeks ago by  geekdom.
        • This reply was modified 2 months, 2 weeks ago by  geekdom.
      • #1963448 Reply

        woody
        Da Boss

        I don’t see the single-purpose IE patches coming through WU or WSUS. Do you?

    • #1963451 Reply

      jhvance
      AskWoody Lounger

      KB4516077 wouldn’t install on a 32Gb laptop w/Win10-1809×64; no error identified and the progress seemed normal up to a complaint about more storage space required.  I’ll try to scrape some more out of that limited amount by offloading some apps I don’t use much, but the space issues of that particular laptop (and many others of comparable design) are a real pain with these Win10 updates, which is why it’s still at v1809 and not v1903 (the latter won’t install).

    • #1963494 Reply

      TrueBlueBlooded
      AskWoody Lounger

      This “non-security” update supersedes all previous monthly cumulative updates so it has to include security fixes.  Microsoft must be smoking ***** if they think that it can be called a “non-security” update.

       

      • This reply was modified 2 months, 2 weeks ago by  woody. Reason: Bowdlerizing
    • #1963572 Reply

      Mr. Natural
      AskWoody Plus

      Well what most folks don’t realize is that Microsoft has a “Double secret probation” group for certain patches. These patches are so secret they don’t contain any information regarding the reason for patching.  Very confusing for some.  🙂

      Red Ruffnsore reporting from the front lines.

      Attachments:
      2 users thanked author for this post.
    • #1963605 Reply

      OscarCP
      AskWoody Plus

      Those of us running Windows 7 now are to be warned, after patching, that: “You may also receive an error in the Event Log related to cryptnet.dll.

      If that means that something is written to a file without my noticing, and no unwelcome pop-up appears out of the blue when I am in the middle of something at the PC, then there might very well be millions of such warnings, for all I care.

      Am I right in thinking this way?

      Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W + Mac&Lx

    • #1964059 Reply

      Alex5723
      AskWoody Plus

      Full list of fixes on Neowin.net

      Microsoft releases even more Windows 10 cumulative updates with tons of fixes

      https://www.neowin.net/news/microsoft-releases-even-more-windows-10-cumulative-updates-with-tons-of-fixes

    • #1964654 Reply

      abbodi86
      AskWoody_MVP

      Although the article did not say it directly, but Windows 7 Rollup KB4516048 adds the support for Extended Security Updates (i.e. special MAK keys)

      Windows 8.1 Rollup KB4516041 contain a backported Windows 10 feature (don’t panic, it’s not telemetry)
      https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-shell-setup-oobe-vmmodeoptimizations

      i wonder why they didn’t document that yet, it’s nice feature

      1 user thanked author for this post.
    • #1965100 Reply

      ChrisAVWood
      AskWoody Plus

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Heads up! Many “optional non-security” updates are on the way

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.